Risk Manager (Information Security, Copenhagen)

Job summary

This role involves managing and developing an Information & Compliance Risk Management Framework within a global consultancy, focusing on cyber and data-related compliance risks. The position is part of the CISO Office and requires collaboration with various teams to ensure effective risk assessments and reporting.

Qualifications

• At least 5 years of experience in risk management, information security, compliance, audit, or governance.
• Practical experience with risk assessments and maintaining risk registers.
• Familiarity with international standards such as ISO 31000 and ISO 27005.
• Ability to simplify complex technical and regulatory information into understandable risk statements.
• Knowledge of AI Act, Data Act, NIS2, and GDPR is advantageous.

Responsibilities

• Own and enhance the Information & Compliance Risk Management Framework in line with ISO standards.
• Maintain and govern the security and compliance risk register.
• Facilitate structured risk assessments and workshops with input from various teams.
• Ensure clear documentation of risk descriptions, scoring, ownership, and treatment decisions.
• Prepare consolidated risk reports for the CISO Office and security governance forums.

Skills

• Strong analytical and communication skills.
• Ability to work collaboratively across different teams.
• Proficiency in risk management frameworks and compliance standards.

Education

• Relevant degree in a related field is preferred.

Tools

• Familiarity with risk management software and reporting tools is beneficial.